18 Mar 2019

Current phishing defense strategies and execution are not hitting the mark

New research by ISACA and Terranova Security shows that only about 63% of organizations are properly keeping track of the effectiveness of their strategies for informing employees about phishing and preventing them from falling for this type of attack. The study also found that only a small majority of companies

Read More
08 Mar 2019

Egypt government used Gmail third-party apps to phish activists

Over the past few years, a series of privacy scandals including the Facebook/Cambridge Analytica scandal have spurred an international push for better privacy laws. In some parts of the world, policymakers have responded to this movement by introducing new data protection bills, such as the EU General Data Protection Regulation

Read More
05 Mar 2019

Microsoft Sees 250% Phishing Increase, Malware Decline by 34%

The 24th volume of Microsoft’s Security Intelligence Report shows that phishing surged in 2018. The detected 250% increase in phishing attacks last year confirms similar findings of other recent studies. The research also confirmed that threat actors are moving away from ransomware and malicious software (malware) in general, as malware

Read More
01 Mar 2019

Businesses need to rethink security priorities due to shifting trends

Cyberattacks involving the psychological manipulation of targeted users, which is known as social engineering, have surged in 2018, a new Trend Micro report has found. According to the report, the number of detected phishing URLs increased by 269% compared to the year before. The finding is in line with a

Read More
01 Mar 2019

40% of malicious URLs were found on good domains

A new Webroot report provides valuable insights into the threat landscape. The report contains various striking findings, including the fact that 2 out of 5 (40%) malicious URLs can be found on otherwise benign web pages, which indicates that cybercriminals often succeed in injecting legitimate websites with bad links and

Read More
27 Feb 2019

Increasing security measures are driving cybercriminals to alter their techniques

The 2019 IBM X-Force Threat Intelligence Index shows that cybercriminals are moving away from ransomware and malware in general because a growing awareness of these attacks among organizations, in combination with increased threat mitigation efforts, have made malware-based attacks less lucrative. Cryptojacking attacks, in which threat actors hijack the processing

Read More
27 Feb 2019

Attackers Continue to Focus on Users, Well-Worn Techniques

Two new research reports indicate that threat actors mostly rely on traditional techniques, including phishing and credential stuffing, to target organizations. Trend Micro’s yearly security report for 2018 shows that the company detected 82% more phishing URLs in 2018 than it did the year before. The other report, a Rapid7

Read More
19 Feb 2019

Hackers Use Compromised Banks as Starting Points for Phishing Attacks

A new report by Group-IB indicates that cyber attacks on financial institutions can create a domino-effect when threat actors use their foothold on a breached network to infiltrate the systems of connected organizations in other parts of the world. Group-IB has seen various real world instances of these kinds of chain

Read More
07 Feb 2019

Clever Phishing Attack Enlists Google Translate to Spoof Login Page

Akamai researchers have uncovered a new and unique phishing campaign. As in all phishing campaigns, the threat actors are out to obtain sensitive information from victims. In this case, they want to trick victims into filling out their Facebook and Google login credentials on a fake website. However, instead of creating

Read More
24 Jan 2019

Microsoft remains the most impersonated brand, Netflix phishing spikes

According to Vade Secure’s latest phishing report, the most impersonated brand in the final quarter of last year was Microsoft (again). The other brands making up the top 10 were Netflix, Paypal, Bank of America, Chase, DHL, Facebook, Docusign, Linkedin and Dropbox. Phishing messages pretending to come from Netflix increased

Read More